Solved

PHP shell_exec    executing a mysql query

Posted on 2014-01-18
16
1,368 Views
Last Modified: 2014-01-19
i have a PHP script where the following shell_exec seems to return null
echo "SIMPLE MYSQL:".       shell_exec('mysql cphulkd -e "SELECT 1+1 "')  ;

i've tried various ways to find out what it's returning but it seems to be blank/null.

the plain mysql shell command
mysql cphulkd -e "SELECT 1+1 "

works fine when executed directly from linux shell.

any thoughts on debugging PHP shell_exec ?

thanks
0
Comment
Question by:willsherwood
  • 9
  • 6
16 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
It's not a matter of debugging, it's that the web server user doesn't have permissions to do that.  Your web server would have to be running 'suexec' to run that under your own user permissions.  Which would have to be in your own directory.
0
 

Author Comment

by:willsherwood
Comment Utility
i'm running from root, with the files owned by and in grp of 'nobody'
permissions:  -rw-r--r--.

i've sandwiched the  shell_exec(mysql)  with
echo shell_exec(uptime);

and the uptime prints properly twice -- just nothing for the mysql command in between
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
If you are running PHP thru a web server, you are Not running as 'root', you are probably running as 'www' which has very limited permissions on purpose.  In theory, you should be able to run that PHP script on the command line instead of thru the web server and have it work.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
This page http://us1.php.net/manual/en/function.shell-exec.php says that you can use 'exec' instead to get the program error code.  Note the notes about running under Apache and seeing a blank line for a multi-line response.

Of course, the more interesting question is why aren't you accessing MySQL thru the PHP drivers?
0
 

Author Comment

by:willsherwood
Comment Utility
the tables are internal WHM database tables with accessibility restrictions.
I'm trying to make a sort of limited API that i can call externally without security risks.
i cannot run mysql directly from PHP because i don't know (nor want to know) the authentication for the connection.

perhaps it's just not permitted to call anything related to mysql from shell_exec ?
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
It's probably not allowed to run anything at all thru 'shell_exec' because it doesn't have permission.  Anything run thru 'shell_exec' is run as the user that calls it and thru the web server that would be 'www', not 'root'.
0
 
LVL 58

Expert Comment

by:Gary
Comment Utility
Is shell_exec() enabled in php.ini and not disabled?
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
No.  It's all about user permissions.  You may run as 'root' at the command line but you will never run as 'root' thru the web server.  shell_exec() probably only works completely right if you also have 'suexec' running on the server.  'suexec' allows Apache to give you user access to the command line.  However... that can still be limited by the owner / user of the directory and files.

Your example "mysql cphulkd -e "SELECT 1+1 "" must be doing some kind of auto-login because I can't do that on my system.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:willsherwood
Comment Utility
sorry if my previous reply didn't get thru or wasn't clear... from within this PHP context:
    echo shell_exec(uptime);
works fine.
fwiw, also:
    echo shell_exec(dir);
    echo shell_exec("echo '1'");
work as expected.

cphulk is a cpanel system login monitor "firewall" for login protection, and its blocks are kept in the mysql table  cphulkd   which is accessible via the shell mysql command previously shown;   it's this mysql cmd line i cannot get to execute from within the  shell_exec.
Are you saying that some shell commands have differing permissions from other commands
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
It's possible.  Note that all your working examples don't change anything, they just report pretty generic information, and any user can run those commands.  The 'mysql' command line does require a login on every system that I know of.  What are you getting for a response from "mysql cphulkd -e "SELECT 1+1 ""?
0
 

Author Comment

by:willsherwood
Comment Utility
when i execute it directly in the shell, it gives the  +----+    tabled  format
 1+1

   2

when called from php   shell_exec,    nothing.  (null, or maybe a logged/hidden error)
0
 
LVL 82

Accepted Solution

by:
Dave Baldwin earned 500 total points
Comment Utility
I tried this on my Ubuntu 10.04 system and got basically the same results as you have.  'uptime' and 'dir' work.  But on the command line, my 'mysql' will not accept the password from the command line, only 'interactively'.  And it definitely won't accept a login with no user or password.
0
 

Author Closing Comment

by:willsherwood
Comment Utility
thanks for your help.
upon further inspection, indeed it was a mysql user/pw access problem
appreciate your patience and peristence
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
You're welcome, glad to help.
0
 

Author Comment

by:willsherwood
Comment Utility
it was just so curious that mysql seemed to be the only command that didn't work (that i tried).
but now we have an easy API for determining if someone is blocked via cpHulk login denial.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
Yes, that did seem odd.  Even odder on my system where it wouldn't allow the password on the command line.  I know that my older MySQL on my Windows box doesn't act that way.
0

Featured Post

Easy Project Management (No User Manual Required)

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Popularity Can Be Measured Sometimes we deal with questions of popularity, and we need a way to collect opinions from our clients.  This article shows a simple teaching example of how we might elect a favorite color by letting our clients vote for …
Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now